undefined | Better HN

0 pointssoylentnewsorg4y ago0 comments

I'll start by saying I spent a full 5 minutes reading through those and gave up. I asked for an example, you pasted twenty pages of random garbage and said "here, maybe you'll find something in this dump I took - why don't you spend some time and maybe I'll prove you wrong."

In those five minutes of looking through your garbage dump, I found Zero vulnerabilities that do not need either you installing a virus, which then gets root (the vulnerability), or a bug in an application running as root that's out of date, which then of course gives the attacker of the application root. None of those are valid examples, and I'm now bored digging through random garbage.

Any hack, in Any application, will give the attacker root - we're running rooted phones (for the extra functionality).

If you want to make a point, note the actual bug listed that does not need a compromised application. You installing a virus then the virus getting root does not count. The thread is about a kernel bug giving a remote attacker control of your phone. Applications and drivers like your modem can be updated without you updating the kernel. The latest N6 kernel is 4.9.3, with updates from the end of 2019.

0 comments

kaba04y ago

Do you also run all your programs as root on desktop? Wtf.

Also, regarding your previous post, modern Android and ios is lightyears ahead in security than any desktop os out there, for good reason (majority of people interact with their phones, and store much more sensitive data there)

soylentnewsorgOP4y ago

>Do you also run all your programs as root on desktop? Wtf.

yes. always have. same in windows where I also don't use antivirus. and this is what most tech people do for their personal equipment. because the one issue I had, in my 30+ years of using computers, and 20+ years of doing it professionally as a dev, sysadmin, and storage admin, I only once got a virus.

i'll tell you a little secret too. yes, it's wtf to people who don't know what they're doing and need the safeguard against when they screw up. I know enough to not screw up. now go pipe a bash script from a webpage to sh to install something, because that's what the installation manual for your game said to do.

kaba04y ago

Anyone saying they know enough not to screw up, most definitely knows hardly anything. Also, screwing up is not about knowing enough, it’s about being human, who make mistakes.

Running anything under root is just insanely stupid.

sa14y ago

There’s an example of it on HN front page right now, where a terminal application without privileges can trigger a kernel bug.

soylentnewsorgOP4y ago

for those times when I run that terminal application on my phone. which is already rooted, so it's doesn't need the kernel bug to get root. it can just run.

sa14y ago

Your phone might be already rooted, but that's not true in general, and doesn't mean that the kernel doesn't have an attack surface on phones.

j / k navigate · click thread line to collapse

0 comments

kaba04y ago

Do you also run all your programs as root on desktop? Wtf.

soylentnewsorgOP4y ago

>Do you also run all your programs as root on desktop? Wtf.

kaba04y ago

Anyone saying they know enough not to screw up, most definitely knows hardly anything. Also, screwing up is not about knowing enough, it’s about being human, who make mistakes.

Running anything under root is just insanely stupid.

sa14y ago

There’s an example of it on HN front page right now, where a terminal application without privileges can trigger a kernel bug.

soylentnewsorgOP4y ago

for those times when I run that terminal application on my phone. which is already rooted, so it's doesn't need the kernel bug to get root. it can just run.

sa14y ago

Your phone might be already rooted, but that's not true in general, and doesn't mean that the kernel doesn't have an attack surface on phones.

j / k navigate · click thread line to collapse